assurance - Re: [Assurance] can two-factor be hacked ?

Subject: Assurance

List archive

Re: [Assurance] can two-factor be hacked ?

From: Tom Scavo <>
To:
Subject: Re: [Assurance] can two-factor be hacked ?
Date: Mon, 10 Mar 2014 18:06:27 -0400

On Fri, Mar 7, 2014 at 2:39 PM, Steven Carmody
<>
wrote:
>
> So, beyond user education, what might people suggest as a way to detect,
> block, or prevent this sort of potentially-password-stealing approach, that
> could even handle some forms of two-factor ?

Sorry, I'm late to the party but this old blog article by Bruce
Schneier is relevant:

https://www.schneier.com/blog/archives/2005/04/more_on_twofact.html

Briefly, Schneier's recommendation is: authenticate the transaction,
not the user.

Tom

[Assurance] can two-factor be hacked ?, Steven Carmody, 03/07/2014
- Re: [Assurance] can two-factor be hacked ?, Cantor, Scott, 03/07/2014
- Re: [Assurance] can two-factor be hacked ?, David Langenberg, 03/07/2014
  - RE: [Assurance] can two-factor be hacked ?, Eric Goodman, 03/10/2014
- Re: [Assurance] can two-factor be hacked ?, Tom Scavo, 03/10/2014
  - RE: [Assurance] can two-factor be hacked ?, Jones, Mark B, 03/10/2014
    - Re: [Assurance] can two-factor be hacked ?, Tom Scavo, 03/10/2014
      - RE: [Assurance] can two-factor be hacked ?, Jones, Mark B, 03/11/2014
        
        Re: [Assurance] can two-factor be hacked ?, Farmer, Jacob, 03/11/2014
        
        RE: [Assurance] can two-factor be hacked ?, Brian Arkills, 03/11/2014
        
        Re: [Assurance] can two-factor be hacked ?, Cantor, Scott, 03/11/2014
        Re: [Assurance] can two-factor be hacked ?, Steven Carmody, 03/12/2014
        Re: [Assurance] can two-factor be hacked ?, Tom Scavo, 03/12/2014
        Re: [Assurance] can two-factor be hacked ?, Cantor, Scott, 03/12/2014
        Re: [Assurance] can two-factor be hacked ?, Tom Scavo, 03/12/2014

List archive

Re: [Assurance] can two-factor be hacked ?